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DETAILED ACTION 

1 . Claims 1-21 were pending in this application at the time of the previous Office 
Action. By the latest amendment claims 8 and 9 have been cancelled. Therefore claims 
1-7 and 10-21 are pending and have been examined. 

Response to Arguments 

2. Applicant's arguments filed 6-8-06 have been fully considered but they are not 
fully persuasive. 

The applicant argues in traverse of the rejection of claim 1 1 under 35 USC 
103(a) as unpatentable over T. Hong: "Security Policy for Palladium Secure Modem'" 
and Aucsmith US 5,712,914, by asserting that the combination fails to teach an 
identifying indicia that includes graphics data that includes the image of at least one 
credit card including a credit card number. Yet Hong does indeed teach these features 
at fig. 7 element 902: "Image of a Card". 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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4. Claims 11, 12, 15, and 19-21 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over T. Hong: "Security Policy for Palladium Secure Modem", Doc. No. 
D1028, Mykotronix Inc., 11/20/1998, (from >http://csrc.nist.gov/cryptval/140- 
1/140sp/140sp061.pdf<), and Aucsmith et al., US 5,712,914. 

As for claim 1 1 , Hong teaches a secure communications modem (page 4: Scope 
of Document: the Palladium modem is taught as being a secure modem capable of 
carrying out encryption operations), comprising: a program memory adapted to store a 
program controlling aspects of modem operation (page 18 last full paragraph, the 
following passage is recited: "The Data-in Block is used to provide input data to 
commands executed on the card..." page 4, the second paragraph recites: "The card 
provides 41 individual commands which can be used to support cryptographic based 
authentication and encryption applications); and a processor, coupled to the program 
memory, the processor excluding at least a portion of a program store in the program 
memory to control at least an aspect of modem operation (page 18 last full paragraph, 
the following passage is recited: "The Data-in Block is used to provide input data to 
commands executed on the card...", page 4, the second paragraph recites: "The card 
provides 41 individual commands which can be used to support cryptographic based 
authentication and encryption applications, this reads on the presence of a processor on 
the card as well), the program adapted to cause the processor, under control of the 
program, to read identifying indicia stored integrally within the modem (page 14 Security 
Rule 21: the card can store at least 27 certificates, page 16: Security Relevant Data: the 
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card stores an X.509 certificate unique to an individual user and therefore will contain 
X.509 data unique to a user constituting an indicia, page 20: Service: Get Certificate: 
outputs a certificate via use of the processor), and communicate the identifying indicia 
to a host communicating with the modem (page 18, bottom paragraph, first two lines: 
"the host application and PALLADIUM Secure Modem communicate by means of a 
shared memory interface consisting of a Data-in Block and a Data-Out Block... the Data- 
Out Block is used to provide output data to the (host) application program). Hong does 
not teach the identifying indicia as including graphics data, the graphics data comprising 
an image of at least one of a credit card, a signature, or an account holder. Hong does 
however teach the storage of X.509 certificates in the modem (page 16: Certificate). 
Aucsmith et al. teach X.509 certificates having extensions that include these indicia (fig. 
7: element 708 "Picture", fig. 9 element 908: "User's Signature", element 914: "User's 
Photo", element 920: "Image of Card", col. 2 lines 13-20, col. 4 lines 1-5, col. 4 lines 38- 
42: the X.509 Certificate is taught as containing the multimedia extensions, col. 6 lines 
45-53 and 60-67, col. 12 lines 3-1 1 ). The image of a card as taught by Hong will 
inherently contain the card number. Therefore it would have been obvious to one of 
ordinary skill in the art at the time of the invention to incorporate these features into the 
system of Hong. It would have been desirable to do so since use of the multimedia 
extensions to the X.509 certificate would allow for greater assurance in, for example, 
user identification. This is addressed in Aucsmith et al., col. 13 lines 5-25, and also in 
Hong page 14 item 15 where a user chooses a certificate or "personality" for use in 
cryptographic operations requiring authentication, for example digital signing or key. 
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As for claim 12, Hong teaches the modem of claim 1 1 , wherein the identifying 
indicia are stored in an indicia memory physically or locally adjacent to the program 
memory (page 18: last 3 lines: the card stores certificates according to a certificate 
index used by program to retrieve a certificate, program memory is discussed in the 
remainder of the paragraph. Therefore the certificate storage memory is physically and 
locally adjacent to the program memory). 

As for claim 15, Hong does not explicitly teach the secure communication 
method of claim 5, further comprising encrypting the identifying indicia prior to causing 
the identifying indicia to be transmitted over the communications line, or transmitted to a 
host. However Hong does teach the use and transmission of an X.509 certificate 
(bearing indicia) that will therefore have a signature portion that does in fact represent a 
signed, i.e., encrypted (hash) of the certificate (and hence indicia) when transmitted. 
Aucsmith teaches an X.509 certificate having multimedia extensions comprising the 
indicia as taught by claim 1 (fig. 7: element 708 "Picture", fig. 9 element 908: "User's 
Signature", element 914: "User's Photo", element 920: "Image of Card", col. 2 lines 13- 
20, col. 4 lines 1-5, col. 4 lines 38-42: the X.509 Certificate is taught as containing the 
multimedia extensions, col. 6 lines 45-53 and 60-67, col. 12 lines 3-11), and Aucsmith 
teaches a signature field for the X.509 certificate that represents an encrypted (hash) 
representation of the certificate and therefore and encrypted representation of the 
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multimedia indicia (col. 4 lines col. 55-58). Therefore it would have been obvious to one 
of ordinary skill in the art at the time of the invention to incorporate this feature into the 
system of Hong. It would have been desirable to do so since use of the multimedia 
extensions to the X.509 certificate would allow for greater assurance in, for example, 
user identification. This is addressed in Aucsmith et al., col. 13 lines 5-25, and also in 
Hong page 14 item 15 where a user chooses a certificate or "personality" for use in 
cryptographic operations requiring authentication such as, for example, digital signing or 
key exchange. The ability to incorporate the multimedia extension data (indicia) in the 
signed hash of the certificate would increase the fidelity of authentication since more 
data unique to a user is thereby incorporated into the signed hash. 

As for claim 19, Hong does not teach claim the modem of claim 1 1 , wherein the 
identifying indicia includes an account number for a financial transaction account. 
However Aucsmith does teach this feature (fig. 9 element 906). Therefore it would have 
been obvious to one of ordinary skill in the art at the time of the invention to incorporate 
this feature into the system of Hong. It would have been desirable to do so as this would 
increase the utility and hence marketability of the secure modem to financial institutions. 

As for claim 20, the combination of Hong and Aucsmith does not explicitly teach 
the use of non-volatile memory to store the indicia, although such is implied by the use 
of a "Zeroize" command to clear the memory of any stored certificate (page 8: Zeroize). 
However Official notice may be taken that the use of non-volatile memory in a modem 
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to store user indicia, for example password and PIN data, is a step that is old and well 
known in the art. Therefore it would have been obvious to one of ordinary skill in the art 
at the time of the invention to incorporate this feature into the system of Hong and 
Aucsmith. It would have been desirable to do so in order to allow a host processor to be 
"powered down" either deliberately or inadvertently, without losing all stored indicia 
data. 

As for claim 21 , the combination of Hong and Aucsmith do not teach storage of 
the indicia in nonvolatile memory as per claim 20, where the storage is in a compressed 
format. Yet Official Notice may be taken that the use of such a format for storage in non- 
volatile memory is old and well known in the art. Therefore it would have been obvious 
to one of ordinary skill in the art at the time of the invention to incorporate this feature 
into the system of Hong and Aucsmith. It would have been desirable to do so as this 
would maximize the storage capacity of the Modem. 

Allowable Subject Matter 

5. 1-7, and 10 are allowed. 

6. Claims 13, 14, and 16-18 are objected to as being dependent upon a rejected 
base claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 
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7. The following is a statement of reasons for the indication of allowable subject 
matter: The closest prior art in the field, Hong and Aucsmith, do not teach the 
combination of features recited in independent claim 11, particularly including: 

As per claim 13, indicia memory that is writeable only when program memory is 
overwritten, 

As for claims 14: indicia that are stored permanently within the modem, 

As per claim 16 the modem of claim 14, including means for encrypting the 
indicia prior to communicating it to the host, 

As for claim 17, the modem of claim 15, wherein the identifying indicia are stored 
within a write once memory array and are accessible in a register read operation by the 
processor, 

As for claim 18, the modem of claim 14 including an indicia that identifies part of 
a financial transaction. 

8. The following is an examiner's statement of reasons for allowance: The closest 
prior art in the field, Hong and Aucsmith, do not teach the combination of features 
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recited in independent claim 1 , particularly including indicia that are writeable only when 
program memory is overwritten. Claims 2-7 and 10 are dependent on claim 1 and are 
thereby allowable on that basis. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Conclusion 

9. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
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1 0. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paul E. Callahan whose telephone number is (571 ) 272- 
3869. The examiner can normally be reached on M-F from 9 to 5. 

If attempts to reach the examiner by telephone are unsuccessful, the Examiner's 
supervisor, Emmanuel Moise, can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is: (571) 
273-8300. 
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